Searching for Software Applications Based on Application Attributes

ABSTRACT

An application search system provides search results for applications based on one or more attributes of the applications. A search query is received by the application search system from a partner. The application search system retrieves a set of applications in response to the search query. In addition, the application search system receives, from one or more sources, restrictive information regarding one or more security attributes for one or more applications in the set of applications. A security value is generated for each of the one or more applications in the set of applications. The security value includes a security attribute value for each of the one or more security attributes. The application search system provides the retrieved set of applications for display at a user interface to the partner. Furthermore, each generated security value is also displayed in conjunction with the corresponding application.

CROSS REFERENCE TO RELATED APPLICATIONS

This U.S. patent application is a continuation of, and claims priorityunder 35 U.S.C. §120 from, U.S. patent application Ser. No. 13/873,136,filed on Apr. 29, 2013, which claims priority under 35 U.S.C. §119(e) toU.S. Provisional Application 61/639,744, filed Apr. 27, 2012, and U.S.Provisional Application 61/679,546, filed Aug. 3, 2012. The disclosuresof these prior applications are considered part of the disclosure ofthis application and are hereby incorporated by reference in theirentireties

BACKGROUND

1. Field of Art

The disclosure generally relates to the field of application search, andmore particularly to the performance of application search usingapplication attributes.

2. Description of the Related Art

In recent years, use of computers, smartphones, and otherInternet-connected devices has grown exponentially. Correspondingly, thenumber of available applications for such devices has also grown. Today,many diverse applications can be accessed on any number of differentdevices, including but not limited to, smartphones, personal computers,refrigerators, automobiles, and televisions. These diverse applicationscan range from business driven applications, games, educationalapplications, news applications, shopping applications, efficiencyapplications, messaging applications, video chatting applications, mediastreaming applications, social networking applications, and so muchmore.

BRIEF DESCRIPTION OF DRAWINGS

The disclosed embodiments have other advantages and features which willbe more readily apparent from the detailed description, the appendedclaims, and the accompanying figures (or drawings). A brief introductionof the figures is below.

FIG. 1 illustrates a schematic of an example environment for performingapplication search.

FIG. 2 is a high-level block diagram illustrating a detailed view ofexample modules within a data processing module.

FIG. 3 is a high-level block diagram illustrating a detailed view ofmodules within an application search module.

FIG. 4 is a flow chart illustrating an example method for a partner tointeract with an application search system.

FIG. 5 is a flow chart illustrating an example method for an applicationsearch system to process a search query.

FIG. 6 is a flow chart illustrating an example method for an applicationsearch system to generate search indexes, and process a search query.

FIG. 7 illustrates components of an example machine able to readinstructions from a machine-readable medium and execute the instructionsin a processor (or controller).

DETAILED DESCRIPTION

The Figures (FIGS.) and the following description relate to preferredembodiments by way of illustration only. It should be noted that fromthe following discussion, alternative embodiments of the structures andmethods disclosed herein will be readily recognized as viablealternatives that may be employed without departing from the principlesof what is claimed. It is noted that wherever practicable similar orlike reference numbers may be used in the figures and may indicatesimilar or like functionality.

Configuration Overview

One embodiment of a disclosed system, method, and computer readablestorage medium includes providing search results identifying one or moreapplication representations based on application attributescorresponding to the application representations. As used herein, anapplication can be an object or entity that provides a core set offunctionalities. For example, an application may be a software package,such as MICROSOFT OFFICE. As another example, an application may be awebsite, such as YELP. An application attribute corresponding to anapplication may provide information regarding one or more aspects of theapplication, such as functional aspects, developer information,publisher information, title information, different variations oreditions of the application, etc. An application representation is adata structure containing one more attributes of an application and usedfor representing the application.

In one embodiment, an application search system identifies securityattributes for one or more applications. A security attribute maycorrespond to any suitable security related aspect of an application.For example, a security attribute may indicate whether an applicationcontains malware. Another security attribute may indicate whether anapplication is able to access a user's current location based on globalpositioning system (GPS) coordinates of the user's computing device. Yetanother security attribute may indicate whether an application sendsdata in an unencrypted form.

In one aspect, the security attributes for the applications aredetermined based on restrictive information regarding the securityattributes received from one or more third-party data sources. Forexample, restrictive information for a security attribute correspondingto a particular application may be aggregated from several differentand/or independent sources. In one embodiment, the restrictiveinformation may be suitably processed and/or combined to generate avalue for each of the security attributes.

In one embodiment, based on the security attributes and their associatedvalues, the application search system generates overall security values(also referred to simply as security values) for the one or moreapplications. In other cases, the security values may have beeninherently defined for some applications, and the application searchsystem directly uses these pre-defined security values withoutgenerating them. The security values may be used to support searches forapplication representations performed by the application search system.In one embodiment, for example, the application search system generatesone or more search indexes based on the security values for theapplications. For example, the application search system may generate anapplication search index that only includes a set of representations ofthe applications that meet a threshold security value. Thus, searchresults generated by leveraging the application search index may onlyreturn application representations that meet the threshold securityvalue.

In one embodiment, as another example, the application search system mayuse the generated security values to rank search results generated bythe application search system. For example, responsive to receiving asearch query, the application search system identifies a set ofapplication representations determined to be relevant to the searchquery. Thereafter, the generated security values for the applicationscorresponding to the set of application representations may beretrieved. The application search system may then rank the applicationrepresentations in the set based at least in part on the retrievedsecurity values. In one embodiment, the application search system mayremove, from the search results, any application representationassociated with a security value that does not meet a certain securitythreshold value.

In one embodiment, as yet another example, the application search systemmay include security values in the search results provided to a partner(e.g., an end user or a third-party service associated with an enduser). For instance, responsive to a search query, the applicationsearch system may provide a set of search results. Each result mayindicate an application representation determined to be relevant to thesearch query and a security value corresponding to the applicationrepresentation. The search result, including the security value, may beprovided to a partner for display. In some instances, a partner mayfurther process the search result based on the included security value.

It will be appreciated that while the present disclosure describesapplication search performed based on security attributes, any othersuitable application attribute may be used. For example, the applicationsearch system may perform searches using one or more gaminess attributes(attributes indicative of the probability that an application is a game)of one or more applications.

In one embodiment, the application search system may use combinations ofdifferent types of attributes from different and separate sources togenerate a “community of knowledge.” The community of knowledge may beused to generate, for example, security values and/or other values basedon other types of attributes. For example, the application search systemmay receive a malware score for an application from one source. Theapplication search system may receive an indication as whether encryptsdata from another source. The application search system may receive anindication as to whether an application accesses the contact informationof a user from yet another source. The data from the three sources mayconstitute a community of knowledge that is usable for generating asecurity value for the application.

In one embodiment, the application search system may analyze the changein security values and/or security attribute values over time forvarious applications. For instance, the application search system maydetermine the rate at which the security value of a particularapplication has changed over the last month. Based on identifiedpatterns from the analysis, the application search system may generatepredictions regarding the security values and/or security attributevalues for the applications in the future. For example, based on a rateof decline in the security value of an application over a two monthperiod, the application search system may project, by assuming that asimilar rate of decline will continue, the security value of theapplication one month in the future. Such information can be used toinfluence application searches (e.g., the application search system mayautomatically remove a corresponding application representation fromsearch results if it is likely the security value for the applicationwill fall below a threshold value within a predefined time period in thefuture), sending an indicator to a developer of the application that thesecurity value of the application is falling, etc. In one embodiment,the analysis of the security value of an application may beelectronically or otherwise exchanged for other information and/orservices. For instance, responsive to providing analysis of a securityvalue of an application, the application search system may receiveadditional application-related data from the developer or other entityassociated with the application.

System Architecture

FIG. 1 is a high-level block diagram illustrating a typical environment100 used for performing application searches, according to oneembodiment. Referring to FIG. 1, the environment 100 includes a network130, one or more data sources 135, one or more partners 125, and anapplication search system 105. Each of the one or more data sources 135,one or more partners 125, and application search system 105 may be incommunication with one another via the network 130. Only one applicationsearch system 105, three data sources 135, and three partners 125 areshown in FIG. 1 for purposes of clarity, but those of skill in the artwill recognize that typical environments can have multiple data sources135 and partners 125, and can also have multiple application searchsystems 105.

Some embodiments of the application search system 105 have differentand/or other modules than the ones described herein. Similarly, thefunctions can be distributed among the modules in accordance with otherembodiments in a different manner than is described here. Likewise, thefunctions can be performed by other entities.

The network 130 enables communications between the various entities ofthe environment 100. In one embodiment, the network 130 uses standardcommunications technologies and/or protocols. Thus, the network 130 caninclude links using technologies such as Ethernet, Wireless Fidelity(WiFi) (e.g., 802.11), worldwide interoperability for microwave access(WiMAX), 3G, Long Term Evolution (LTE), digital subscriber line (DSL),asynchronous transfer mode (ATM), InfiniBand, PCI Express AdvancedSwitching, etc. Similarly, the networking protocols used on the network130 can include multiprotocol label switching (MPLS), the transmissioncontrol protocol/Internet protocol (TCP/IP), the User Datagram Protocol(UDP), the hypertext transport protocol (HTTP), the simple mail transferprotocol (SMTP), the file transfer protocol (FTP), etc. The dataexchanged over the network 130 can be represented using technologiesand/or formats including the hypertext markup language (HTML), theextensible markup language (XML), etc. In addition, all or some of linkscan be encrypted using conventional encryption technologies such assecure sockets layer (SSL), transport layer security (TLS), virtualprivate networks (VPNs), Internet Protocol security (IPsec), etc. Inanother embodiment, the entities can use custom and/or dedicated datacommunications technologies instead of, or in addition to, the onesdescribed above. Depending upon the embodiment, the network 130 can alsoinclude links to other networks such as the Internet.

The data sources 135 provide data regarding one or more applications tothe application search system 105. The data sources 135 may include anysuitable data providers, including operators of application stores,application developers, application catalogs, websites (e.g., blogs,application review sites, user feedbacks, etc.), and/or the like.Alternately, the data sources 135 may include data that is generated bythe application search system 105, such as system scan results onparticular applications. For example, the application search system 105may scan an application to determine whether it contains any malwareand/or virus. In some cases, the data sources 135 may supply restrictiveinformation regarding one or more security attributes for one or moreapplications. For example, the restrictive information may includedetails about whether an application contains malware. The restrictiveinformation may also include details about whether an application canaccess a user's location. The restrictive information may also includeinformation indicating the amount of time the user has used anapplication, whether the application downloads contact information ofthe user, whether the application accesses contacts associated with theuser, etc. In one embodiment, each data source 135 may have its owndistinct interface, content, update rate, etc.

The partners 125 provide search queries to the application search system105 and receive search results based on the queries. As used herein, apartner 125 may be a third party entity (e.g., a service, company orother organization) or an end user that leverages the searchfunctionality of the application search system 105. In some instances, apartner 125 may be a third party entity that leverages the searchfunctionality of the application search system 105 via its own websiteor portal. For example, a partner 125 may display an application searchbar on its website. The partner's end users (for ease of understandingalso referred to herein as partners) may interact with the search bar tosend search queries to the system. In other instances, a partner 125 maybe an end user that directly interfaces with a website or portalprovided by the application search system 105.

The application search system 105 performs searches for applicationrepresentations. In one aspect, the application search system 105matches search queries to application representations based on inferredor derived functional capabilities of the search queries andapplications corresponding to the application representations ratherthan only on explicit matches of the keywords associated with the searchqueries and applications corresponding to the applicationrepresentations. In another aspect, the application search system 105determines one or more characteristics of a search query, which mayinclude, platform requirements (e.g., an application that runs on amobile phone with an Android operating system), performance requirements(e.g., an application with a good battery life but needs a largebandwidth for uploading/downloading), usability requirements (e.g., anapplication that is friendly to people with disabilities), and/or thelike. The application search system 105 then searches for applicationrepresentations based on matching between the determined one or morefeatures of the search query and the corresponding features ofapplication representations. In one aspect, the application searchsystem 105 searches for application representations based on thesecurity attributes of applications corresponding to the applicationrepresentations. As shown in FIG. 1, the application search system 105includes a data processing module 110 and an application search module115.

Data Processing Module

FIG. 2 is a high level block diagram illustrating a detailed view ofmodules within the data processing module 110 according to oneembodiment. The modules described in accordance with FIG. 2 areexecutable by one or more computer systems, e.g., computer system 100.Some embodiments of the data processing module 110 have different and/orother modules than the ones described herein. Similarly, the functionscan be distributed among the modules in accordance with otherembodiments in a different manner than is described here. Likewise, thefunctions can be performed by other entities. The data processing module110 includes modules for performing various functions. These modulesinclude an intake module 205 and an indexing module 210.

The intake module 205 receives data from one or more of the data sources135. The data may be later used to support application search. In oneembodiment, the data received from the data sources 135 may includerestrictive information regarding security attributes for one or moreapplications. As used herein, the restrictive information may refer to aset of structured data feeds, wherein each structured data feed isassociated with a single security attribute for one application. In oneembodiment, some of the data received from the data sources 135 mayinclude information regarding the functionalities of the one or moreapplications.

The indexing module 210 generates one or more search indexes usable forsupporting application search. In order to generate the indexes, theindexing module 210 identifies applications from the data received bythe intake module 205. The indexing module 210 additionally extractsattributes for the identified applications. In some cases, the extractedattributes may relate to functional aspects of the identifiedapplications. In other cases, the extracted attributes may relate tocharacteristics of the identified applications, including but notlimited to, sizes of the applications in bytes, names of theapplications, descriptions of the applications, developer information ofthe applications, rating information of the applications, etc. In yetother cases, the extracted attributes may relate to security attributesof the identified applications.

In one embodiment, the identified applications can be represented inapplication representation structures (application representations).More specifically, each identified application can be represented as acollection of its extracted attributes. Following generation of therepresentations, the indexing module 210 generates one or more searchindexes. Each search index may be a data structure populated withvarious application representations. The search indexes may later beused to perform application searches. In one embodiment, the indexingmodule 210 may generate a search index using one or more securityattributes for the applications extracted from the restrictiveinformation received from the data sources 135.

In some cases, when a new application representation is added to asearch index based on one of its attributes, a partner may query otherattributes about the new application representation. For example, a newapplication representation is added to a search index based on itsdeveloper reputation attribute. The application search system 105 mayfurther acquire other attributes of the new application representation(e.g., from third-party sources), such as security attributes, sizeinformation, etc., and provide these other attributes to the partnerresponsive to an application programming interface (API) call made bythe partner to the application search system 105.

Application Search Module

FIG. 3 is a high level block diagram illustrating a detailed view ofmodules within the application search module 115 according to oneembodiment. Some embodiments of the application search module 115 havedifferent and/or other modules than the ones described herein.Similarly, the functions can be distributed among the modules inaccordance with other embodiments in a different manner than isdescribed here. Likewise, the functions can be performed by otherentities. The application search module 115 includes modules forperforming various functions. These modules include a query processingmodule 305, a post processing module 325, and a behavioral analysismodule 330.

The query processing module 305 processes queries received from one ormore partners. In one embodiment, the query processing module 305receives an input Q from a partner. The input Q may include a searchquery and additional context information for the query, such as platformconstraint information, geo-location preferences, partner specificinformation, etc. Based on the input Q, the query processing module 305generates a set of queries. In addition to constructing the set ofqueries, the query processing module 305 additionally generates a set ofquery features F_(q) based on the received search query. A query featuremay be any suitable information related to a search query. For example,a query feature may include information indicating a number of words ina search query. Other query features might include predicted concepts ofthe search query, etc. Query features can also include informationspecifying the popularity or frequency of the received search query.

In one embodiment, the input Q including the search query may indicatewhether security attributes are to be used to influence the searchresults. For example, the partner may specifically indicate in the inputQ that security attributes be considered. In some cases, the partner mayselect, at search time, whether he wants to consider securityattributes. Alternatively, the partner may select whether and/or whatsecurity attributes should be considered at a time prior to an input Qbeing received. For example, prior to any search, a partner can specifythat all searches associated with the partner's end users should havesearch results influenced by application security attributes. In somecases, the application search system may identify a partner usinginformation included in the input Q, such as the partner's IP address,language, a unique identifier for the partner, etc. Based on suchinformation, the application search system can automatically determinewhether a search performed responsive to the input Q should beinfluenced by one or more security attributes. For example, based on aunique code for the partner, the application search system may determinethat the partner previously indicated that all associated searches beinfluenced by one or more security attributes. Thus, the applicationsearch system performs searches for application representations, wherethe search is influenced by one or more security attributes.

After processing the query, the query processing module 305 identifiesan initial set of application representations. Following identificationof the initial set of application representations, the query processingmodule 305 determines application-specific features F_(r) for theapplications corresponding to the initial set of applicationrepresentations. In one embodiment, the application-specific featuresF_(r) associated with each application representation in the initial setmay be related to a corresponding application's various characteristics.The features may also include other data for applications represented bythe application representations, such as the number of times theapplications were clicked or downloaded for the provided input Q, thecurrent overall popularity of the applications, popularity of theapplications with respect to a given partner, etc. The features mayadditionally include spam-scores, security or privacy data about theapplications, etc. The features may further include information aboutthe reputation of the developer and/or publisher of the applications.

In one embodiment, the query processing module 305 processes the initialset of application representations in order to generate a set of rankedsearch results. To do so, the query processing module 305 generates aset of query/result features F_(q/r) that indicate the relationshipsbetween the set of features F_(r) associated with the applicationrepresentations in the initial set and the query features F_(q). Forexample, the set of features F_(q/r) may indicate the distances betweenterms in the search query and terms in the titles of the applicationsrepresented by the application representations.

In some embodiments, the query processing module 305 applies at leastthe application-specific features F_(r), the query/result featureF_(q/r), and the query features F_(q) to a machine learned scoringmodel. The machine learned scoring model may score the relevance of eachapplication representation to the search query based on theapplication-specific features F_(r), the query/result feature F_(q/r),and the query features F_(q). Based on the scoring, the query processingmodule 305 generates a set of search results. The set of search resultsmay include an ordering of application representations from the initialset of application representations based on the scores for theapplication representations. The ordering may indicate the determinedrelevance of the application representations to the search query. In oneapproach, the ordering of application representations may be influencedby any generated security values.

In one embodiment, the post-processing module 325 processes any searchresults to generate a final results list. More specifically, thepost-processing module 325 may obtain display-related metadata for theresults. As used herein, display-related metadata may include anyinformation about an application to be presented to an end user partner.Displayed-related metadata may include application images (e.g.,application screenshots), application descriptions, application videos,etc. In one embodiment, the post-processing module 325 may restrict thenumber of results in the list that are from a single applicationdeveloper or platform. In one embodiment, the search results may includethe security values and/or individual security attribute values for theapplications.

The behavior analysis module 330 monitors the actions of the partnerthat provided the query. For example, the system can determine whichapplication representations were eventually viewed or downloaded by thepartner, etc. Such information can be analyzed to further improve theperformance of subsequent searches performed by the application searchmodule 115.

Process for Performing Searches Using Application Attributes

FIG. 4 illustrates a method for a partner 125 to interact with anapplication search system 105, in accordance with an embodiment. Otherembodiments can perform the steps of the method in different orders andcan include different, additional, and/or fewer steps. The process 400shown in FIG. 4 can be performed by an end user partner's device, forexample, a desktop computer, a laptop computer, a smartphone, etc. Inthe process 400, the end user partner's device sends 402 a search queryto an application search system 105. The search query may have beeninput by the end user partner by interacting with the end user partner'sdevice. The search query may be sent directly to the application searchsystem 105 or indirectly through a second partner (e.g., via a websiteof a third-party organization). In some cases, the search query mayinclude or be associated with an indication that the search be performedbased on the security attributes of the applications. The search queryis processed by the application search system 105 to generate searchresults (discussed more fully below in the context of FIG. 5). In somecases, the search results may be selected and/or ranked according to oneor more security attributes. The end user partner's device then receives404 the search results from the application search system 105. The enduser partner's device displays 406 the search results to the end userpartner. In one approach, the search results displayed may include theapplications' security values based on the applications' securityattribute values.

FIG. 5 illustrates a method for processing a search query, in accordancewith an embodiment. Other embodiments can perform the steps of themethod in different orders and can include different, additional, and/orfewer steps. The process 500 shown in FIG. 5 can be performed by theapplication search system 105. A search query is received 502 by theapplication search system 105. In one embodiment, the search query maybe extracted from an input Q from a partner. The search query may befurther processed by the query processing module 305 to generate a setof query features F_(q). As discussed, a query feature may be anysuitable information related to a search query. For example, a queryfeature may include predicted concepts or desired categories of thesearch query. In some cases, based on the search query, the applicationsearch system 105 may determine whether to perform searches that areinfluenced by security attributes of the applications. Such adetermination may be made based on some terms in the search query or aseparate indication associated with the search query. Alternately, sucha determination may be made based on where the search query comes from.For example, the determination may be made by identifying an IP addressor unique identifier associated with the partner. Based on the IPaddress or unique identifier, the application search system 105 maydetermine that the partner or some other entity previously indicatedthat any searches of the partner be influenced by application securityattributes.

A set of application representations is retrieved 504 in response to thesearch query. In one embodiment, the set of application representationsare identified and retrieved based on the search query. For example, thequery processing module 305 may automatically select one or more searchindexes for retrieving the set of application representations. The queryprocessing module 305 then queries the selected search indexes using thesearch query to identify the set of application representations.Alternatively, the set of application representations may be retrievedby using a modified Lucene learning algorithm. In some embodiments, thequery processing module 305 may further determine application-specificfeatures F_(r) for the set of application representations, and a set ofquery/result features F_(q/r) that indicate the relationships betweenthe query features F_(q) and the application-specific features F_(r).The features F_(r), F_(q/r), and F_(q) corresponding to the applicationrepresentation may then be used by a machine learned scoring model toscore the relevance of each application representation to the searchquery. Based on the scores, the set of application representations maybe ranked.

In one embodiment, the application search system 105 receives 506, fromone or more data sources 135, restrictive information regarding one ormore security attributes for one or more application corresponding tothe set of application representations. A security attribute for anapplication may refer to any security-related aspect of the application.Illustratively, a security attribute of an application may refer towhether the application contains malware. Malware, short for malicioussoftware, is a general term used to refer to a variety of forms ofhostile or intrusive software. Another security attribute of theapplication may refer to whether the application can access a user'slocation. Yet another security attribute of the application may refer towhether the application sends data in an unencrypted form.

In one embodiment, the restrictive information regarding the one or moresecurity attributes may be received from one or more third-party sourcesin any suitable manner. For example, the application search system 105may directly obtain restrictive information from a third-party sourcevia a data feed from the third-party source. As another example, a userof an application A may post his experience with application A and hiscomments on application A on his blog. The user may even giveapplication A his own rating. The application search system 105 mayacquire relevant information about application A from the user's blog.

The restrictive information may be any suitable information. Forinstance, the restrictive information may be a detailed report. Thedetailed report may indicate, for example, that an application A “doesnot access the user's location, contains 1 malware, and sends datawithout encryption.” Alternatively, the restrictive information may be asingle score indicating the security level of an application asdetermined by a particular third-party source. For example a third-partysource may test websites for malware and spam, and provide a singlescore for each tested website. In other cases, the restrictiveinformation may include a combination of scores and detailed reports.For example, a third-party data source may provide information withthree distinct parts: rating categories, content descriptors, andinteractive elements. An entertainment software may be associated with ascore (e.g., a category label) in each of the above distinct parts. Inaddition, the entertainment software may also have “rating summaries”that provide detailed descriptions of the content of the software beingrated.

In some cases, the restrictive information is gathered based on staticanalysis, e.g., normal application scanning for malware, virus, etc. Inother cases, the restrictive information is gathered based on dynamicanalysis, e.g., running the application in an emulator to track theapplication's software development kit calls or other suspiciousactivities, etc. In some embodiments, such static and dynamic analysisof applications may be performed by the application search system 105and/or a suitable third-party entity. In some cases, the static and/ordynamic analysis may be performed in real-time (e.g., immediately afteridentification of an application for a search query). In other cases,the static and/or dynamic analysis may be performed offline (e.g.,before receiving any search query). Results of the offline analysis maybe saved into a system database (e.g., one of the data sources 135 inFIG. 1) for later retrieval.

After retrieving the restrictive information, the application searchsystem 105 generates 508 a security value for each applicationcorresponding to the one or more application representations in the setof application representations. In one embodiment, the security valueincludes a security attribute value for each of the one or more securityattributes. For instance, an application's security value may beexpressed as a weighted sum of the application's security attributevalues: S=Σ_(i=1) ^(L)c_(i)A_(i), where S is the security value, A_(i)is the i^(th) security attribute value, and c_(i) is the i^(th) weight.For example, one security attribute may indicate whether “an applicationcan track a user's location”, and another security attribute mayindicate whether “an application contains malware”. Other securityattributes may indicate whether “an application can access the user'saddress book,” whether “an application can perform in-applicationpurchases,” whether “an application can access a user's credit cardinformation” whether “an application can uniquely identify a user,”whether “an application can send/receive data without encryption,”whether “an application downloads a user's contact list,” whether “anapplication is linked to a user's FACEBOOK contacts,” and/or the like.The above list of security attributes is by no means exhaustive.

In one embodiment, the weights c_(i) are determined in response to thepreferences of the partner and/or a query wrapper associated with thesearch query. The query wrapper may contain additional information inaddition to the actual query, including but not limited to, IP address,language, partner ID number, etc. The query wrapper may be used touniquely identify a particular partner. The preferences of a partner maybe obtained from the partner's past interactions with the applicationsearch system 105. The preferences of a partner may be directly providedby the partner, determined through an analysis performed by the behavioranalysis module 330 of past behavior of the partner, etc.

For example, it may be determined that a partner A is more concernedwith whether an application can track the user's location based on adetermination that partner A has, in the past, avoided downloadingapplication having such an attribute. In contrast, it may be determinedthat a partner B is more concerned with whether an application containsmalware based on a determination that the partner B has specificallyindicated that applications containing malware not appear in searchresults. The weights c_(i) may then be adjusted according to eachpartner's preferences. For instance, the security attribute indicatingwhether “an application can track the user's location” may be given moreweight for partner A, while the security attribute indicating whether“an application contains malware” may be given more weight for partnerB.

In another embodiment, the weights c_(i) are not adjusted, and thepartners may have individual filters tailored to their own preferences.For example, partner A's filter may emphasize the security attributeindicating whether “an application can track the user's location”, whilepartner B's filter may emphasize the security attribute indicatingwhether “an application contains malware”. Each partner's filter isapplied to the one or more application representations to “filter”application representations suited to the partner's individualpreferences. In some cases, a partner's filter is provided via an APIcall made by the partner. For instance, a partner may provide a filterincluding an overall threshold security value. Alternately, a partner'sfilter may include threshold values for certain security attributes.Illustratively, the partner's filter may specify a high threshold valuefor the security attribute indicating whether “an application containsmalware”. As a result, the partner is only shown applicationrepresentations with security attribute values higher than thethreshold. In another approach, the partner is only shown applicationrepresentations with security attribute values lower than the threshold.

In one embodiment, a security attribute value A_(i) is determined basedon the restrictive information regarding the corresponding securityattribute. In addition, the restrictive information may be obtained fromone or more sources, and each source may evaluate the security attributedifferently (e.g., each source may give a different source score).Illustratively, the security attribute value A_(i) may be expressed as aweighted sum of all the source scores: A_(i)=Σ_(j=1) ^(M)b_(ij)x_(ij),where x_(ij) is the j^(th) source score for the i^(th) securityattribute, and b_(ij) is the corresponding weight. As an example, forthe security attribute indicating whether “an application can track auser's location,” different sources (such as APPTHORITY, ESRB, MCAFEE,etc.) may rate an application differently. Some may give the applicationa high score for the security attribute, while others may give theapplication a low score for the security attribute. Additionally, eachsource may use a different rating scheme. For example, one source mayuse a five-star rating system, while another source may use a ten-starrating system. A source score may need to be properly normalized beforeit can be input to the sum A_(i)=Σ_(j=1) ^(M)b_(ij)x_(ij). Essentially,the security attribute value is an “average” source score by taking aweighted sum of all source scores. In one approach, the weight for eachsource score is determined based on the reputation and/or creditabilityof that source. For example, a high weight may be assigned to a scorecoming from a credible, professional rating source (e.g., ESRB). Incontrast, a low weight may be assigned to a score given by an amateuruser's feedback.

In one embodiment, a source score x_(ij) may be determined using one ormore methods, and each method may give a method score. Illustratively,the source score x_(ij) may be expressed as a weighted sum of all methodscores: x_(ij)=Σ_(k=1) ^(N)d_(ijk)m_(ijk), where m_(ijk) is the k^(th)method score for the j^(th) source on the i^(th) security attribute, andd_(ijk) is the corresponding weight. As an example, for the securityattribute indicating whether “an application can track a user'slocation”, a third-party source, may evaluate an application usingmultiple methods. There are a variety of ways that an application cantrack a user's location. For example, the application may access aglobal positioning system (GPS) to track a user's location. Theapplication may also infer a user's location from the user's IP address.In the above example, the third-party source may enumerate the multiplemethods that the application can use to track a user's location, andgive each method a method score m_(ijk) with a corresponding weightd_(ijk) to produce a source score x_(ij). In some cases, the weightsd_(ijk) may be determined from a machine learned model. In other cases,some of the weights d_(ijk) may be zero, indicating that thecorresponding methods are deemed unimportant.

In one embodiment, the security attribute value A_(i) may be furtherprocessed and assigned a binary value. The binary value may bedetermined by comparing A_(i) to a pre-determined threshold value. Forexample, if A_(i) is larger than or equal to the threshold value, thebinary value is 1, indicating that the application is secure in thatsecurity attribute. If A_(i) is less than the threshold value, thebinary value is 0, indicating that the application is not secure in thatsecurity attribute. In some cases, the threshold value may be determinedbased on the preferences of the partner providing the search query. Forinstance, a partner A may have previously indicated or it may beinferred by the application search system 105 based on past behaviorthat the partner A prefers an application that cannot track a user'slocation. Thus, a threshold value for the security attribute indicatingwhether “an application can track a user's location” may be relativelyhigh for the partner A. In contrast, a partner B may have previouslyindicated or it may be inferred by the application search system 105based on past behavior that the partner B only wants an application thatdoes not contain malware. The partner B may not care whether theapplication can track a user's location. Thus, the partner B's thresholdvalue for the security attribute indicating whether “the application cantrack a user's location” may be relatively low. As a result, aparticular application may meet partner B's threshold value, but notpartner A's threshold value, reflecting the partner's differentpreferences.

In some embodiments, the security attribute value A_(i) may include abinary value together with a description. For example, the binary valuemay be 0, and the corresponding description may state “the applicationhas 5 malware packages”. The description may provide more informationabout the security attribute than a single binary value.

After generation of security values for applications corresponding toone or more application representations in the set of applicationrepresentations, the application search system provides 510 the set ofapplication representations for display to the partner. In oneembodiment, the security value S of an application is also displayed inconjunction with the corresponding application representation. In oneapproach, the security value may be displayed as a security indicator.For example, a red indicator may correspond to a non-secure application(“not good to use”), a green indicator may correspond to a secureapplication (“good to use”), and a yellow indicator may correspond to anapplication with medium-level security concerns (“use with caution”).

In some cases, there may be some application representations withoutsecurity values in the set of application representations. Thoseapplication representations may also be provided for display, and theymay be ranked based on the determined relevance of each applicationrepresentation to the search query. In one example, the applicationrepresentations without security values are not provided for display.

In another approach, the application representations with securityvalues are ranked based on the determined relevance of each applicationrepresentation to the search query in conjunction with the correspondingapplication representation's security value. For example, an applicationrepresentation with a determined high relevance together with a highsecurity value is ranked higher than an application representation witha determined high relevance but with a low security value. As a specificexample of ranking, one or more feature vectors for one or moreapplication representations in the set may be generated. Each featurevector may include a set of features for a corresponding applicationrepresentation, where each feature is generated from one or moreapplication attributes included in the application representation. Inone aspect, the security value corresponding to each applicationrepresentation may be used as a feature in a feature vectorcorresponding to the application representation. After generating thefeature vectors for the application representations, the feature vectorsmay be input into a machine-learned scoring model to generate scores forthe application representations. The scores may be used to rank theapplication representations.

In yet another approach, the application representations' securityvalues are compared to a threshold value, and those applicationrepresentations that have lower-than-threshold security values are notprovided for display. For example, if the threshold value is determinedto be 0.5, then any application representation with a security valueless than 0.5 will not be provided for display. Each displayedapplication representation will have a security value higher than orequal to 0.5. The threshold value may be selected by a partner, eitherprior to any search or at search time. Alternatively, the thresholdvalue may be determined by the application search system 105 based onthe partner's past interactions with the application search system 105.For instance, if a partner has consistently avoided downloadingapplications with low security values, the application search system mayautomatically determine to increase the threshold value for theparticular partner. The threshold value for a partner may also bedynamically adjusted based on the partner's feedback. For example, aninitial threshold value may be pre-selected for a partner, and thethreshold value can be dynamically increased or decreased based on thepartner's request.

FIG. 6 illustrates a method for generating search indexes and forprocessing a search query, in accordance with an embodiment. Otherembodiments can perform the steps of the method in different orders andcan include different, additional, and/or fewer steps. The process 600shown in FIG. 6 can be performed by the by the application search system105. More specifically, the process 600 may be performed by the dataprocessing module 110. The entire process 600 may be performed“offline”, e.g., when the application search system 105 is notprocessing search queries.

In one embodiment, the intake module 205 receives 602 information,including restrictive information, regarding a plurality of applicationsfrom one or more data sources 135. The indexing module 210 identifies604 one or more applications from the information. In some approaches,not all of the plurality of applications is identified. For example,some applications within the plurality of applications may have toolittle information for indexing purposes, so these applications areunidentified by the indexing module 210.

The indexing module 210 further extracts 606 one or more securityattributes for the identified applications. Such security attributes mayindicate whether “an application can track a user's location”, whether“an application has malware”, whether “an application sends/receivesdata without encryption”, and so on. In some approaches, the identifiedapplications can be represented in application representationstructures, and each identified application may be represented, in part,as a collection of its extracted security attributes.

Following generation of the representations, the indexing module 210generates 608 one or more search indexes based on the extracted securityattributes for the identified applications. Each search index may bedata structures populated with the representations of the applications.Different kinds of search indexes may be generated. For instance, aforward search index may be generated that stores a list of securityattributes for each application. An inverted search index may also begenerated that stores a list of applications for each securityattribute.

In one embodiment, a security attribute value may be determined for eachextracted security attribute of each application corresponding to eachapplication representation based on the received restrictiveinformation. The security attribute values may be included in thegenerated search indexes. For example, a list of applicationrepresentations for a security attribute in an inverted search index maybe ranked according to each application representation's associatedsecurity attribute value for that security attribute. Determination ofthe security attribute value associated with an applicationrepresentation based on restrictive information can be performed in amanner similar to the determination of security attribute valuesdescribed with respect to the process shown in FIG. 5.

In one embodiment, the security attribute values for a particularsecurity attribute of the one or more application representations may becompared to a threshold value. In some cases, threshold values fordifferent security attributes may be different. A set of applicationrepresentations is identified, wherein each application representationin the set of application representations has at least one securityattribute value less than the security attribute's correspondingthreshold. The set of application representations is then removed fromthe one or more application representations. The search indexes aregenerated from the remaining application representations in the one ormore application representations. Each application representation in theremaining application representations has above-threshold securityattribute values for all extracted security attributes. Thus, the searchresults identified using the search indexes may only include applicationrepresentations that have above-threshold security attribute values.

After security-based search indexes are generated as illustrated above,they can be used to enhance a partner's search results. In oneembodiment, a search query from a partner is received by the applicationsearch system 105. As discussed, a determination may be made by theapplication search system 105 that the partner is interested insearching for applications with high security standards. The search isthen performed using the security-based search indexes instead of normalsearch indexes that are not generated based on security attributes. Theresulting list of application representations is more likely to be ofuse to the partner.

The embodiments described herein beneficially allow application searchsystems to provide higher quality search results. More specifically, byanalyzing security attributes of applications, embodiments can generatesearch results that are more relevant for various partner contexts. Indoing so, partners can more quickly and efficiently locate usefulapplications that meet their needs.

Computing Machine Architecture

FIG. 7 is a block diagram illustrating components of an example machineable to read instructions from a machine-readable medium and executethem in a processor (or controller), as an example of the search system105, partners 125, or client devices. Specifically, FIG. 7 shows adiagrammatic representation of a machine in the example form of acomputer system 700 within which instructions 724 (e.g., software) forcausing the machine to perform any one or more of the methodologiesdiscussed herein may be executed. In alternative embodiments, themachine operates as a standalone device or may be connected (e.g.,networked) to other machines. In a networked deployment, the machine mayoperate in the capacity of a server machine or a client machine in aserver-client network environment, or as a peer machine in apeer-to-peer (or distributed) network environment.

The machine may be a server computer, a client computer, a personalcomputer (PC), a tablet PC, a set-top box (STB), a personal digitalassistant (PDA), a cellular telephone, a smartphone, a web appliance, anetwork router, switch or bridge, or any machine capable of executinginstructions 724 (sequential or otherwise) that specify actions to betaken by that machine. Further, while only a single machine isillustrated, the term “machine” shall also be taken to include anycollection of machines that individually or jointly execute instructions724 to perform any one or more of the methodologies discussed herein.

The example computer system 700 includes one or more processors 702(e.g., a central processing unit (CPU), a graphics processing unit(GPU), a digital signal processor (DSP), one or more applicationspecific integrated circuits (ASICs), one or more radio-frequencyintegrated circuits (RFICs), or any combination of these), a main memory704, and a static memory 706, which are configured to communicate witheach other via a bus 708. The computer system 700 may further includegraphics display unit 710 (e.g., a plasma display panel (PDP), a liquidcrystal display (LCD), a projector, or a cathode ray tube (CRT)). Thecomputer system 700 may also include an alphanumeric input device 712(e.g., a keyboard), a cursor control device 714 (e.g., a mouse, atrackball, a joystick, a motion sensor, or other pointing instrument), astorage unit 716, a signal generation device 718 (e.g., a speaker), anda network interface device 720, which also are configured to communicatevia the bus 708.

The storage unit 716 includes a machine-readable medium 722 on which isstored instructions 724 (e.g., software) embodying any one or more ofthe methodologies or functions described herein. The instructions 724(e.g., software) may also reside, completely or at least partially,within the main memory 704 or within the processor 702 (e.g., within aprocessor's cache memory) during execution thereof by the computersystem 700, the main memory 704 and the processor 702 also constitutingmachine-readable media. The instructions 724 (e.g., software) may betransmitted or received over a network 726 via the network interfacedevice 720.

While machine-readable medium 722 is shown in an example embodiment tobe a single medium, the term “machine-readable medium” should be takento include a single medium or multiple media (e.g., a centralized ordistributed database, or associated caches and servers) able to storeinstructions (e.g., instructions 724). The term “machine-readablemedium” shall also be taken to include any medium that is capable ofstoring instructions (e.g., instructions 724) for execution by themachine and that cause the machine to perform any one or more of themethodologies disclosed herein. The term “machine-readable medium”includes, but is not limited to, data repositories in the form ofsolid-state memories, optical media, and magnetic media.

Additional Configuration Considerations

Throughout this specification, plural instances may implementcomponents, operations, or structures described as a single instance.Although individual operations of one or more methods are illustratedand described as separate operations, one or more of the individualoperations may be performed concurrently, and nothing requires that theoperations be performed in the order illustrated. Structures andfunctionality presented as separate components in example configurationsmay be implemented as a combined structure or component. Similarly,structures and functionality presented as a single component may beimplemented as separate components. These and other variations,modifications, additions, and improvements fall within the scope of thesubject matter herein.

Certain embodiments are described herein as including logic or a numberof components, modules, or mechanisms, for example, as illustrated inFIGS. 1 through 7. Modules may constitute either software modules (e.g.,code embodied on a machine-readable medium or in a transmission signal)or hardware modules. A hardware module is tangible unit capable ofperforming certain operations and may be configured or arranged in acertain manner. In example embodiments, one or more computer systems(e.g., a standalone, client or server computer system) or one or morehardware modules of a computer system (e.g., a processor or a group ofprocessors, e.g., processor 802) may be configured by software (e.g., anapplication or application portion) as a hardware module that operatesto perform certain operations as described herein.

In various embodiments, a hardware module may be implementedmechanically or electronically. For example, a hardware module maycomprise dedicated circuitry or logic that is permanently configured(e.g., as a special-purpose processor, such as a field programmable gatearray (FPGA), an application-specific integrated circuit (ASIC), systemon a chip (SoC), chipset) to perform certain operations. A hardwaremodule may also comprise programmable logic or circuitry (e.g., asencompassed within a general-purpose processor or other programmableprocessor) that is temporarily configured by software to perform certainoperations. It will be appreciated that the decision to implement ahardware module mechanically, in dedicated and permanently configuredcircuitry, or in temporarily configured circuitry (e.g., configured bysoftware) may be driven by cost and time considerations.

The various operations of example methods described herein may beperformed, at least partially, by one or more processors, e.g.,processor 802, that are temporarily configured (e.g., by software) orpermanently configured to perform the relevant operations. Whethertemporarily or permanently configured, such processors may constituteprocessor-implemented modules that operate to perform one or moreoperations or functions. The modules referred to herein may, in someexample embodiments, comprise processor-implemented modules.

The one or more processors may also operate to support performance ofthe relevant operations in a “cloud computing” environment or as a“software as a service” (SaaS). For example, at least some of theoperations may be performed by a group of computers (as examples ofmachines including processors), these operations being accessible via anetwork (e.g., the Internet) and via one or more appropriate interfaces(e.g., application program interfaces (APIs).)

The performance of certain of the operations may be distributed amongthe one or more processors, not only residing within a single machine,but deployed across a number of machines. In some example embodiments,the one or more processors or processor-implemented modules may belocated in a single geographic location (e.g., within a homeenvironment, an office environment, or a server farm). In other exampleembodiments, the one or more processors or processor-implemented modulesmay be distributed across a number of geographic locations.

Some portions of this specification are presented in terms of algorithmsor symbolic representations of operations on data stored as bits orbinary digital signals within a machine memory (e.g., a computermemory). These algorithms or symbolic representations are examples oftechniques used by those of ordinary skill in the data processing artsto convey the substance of their work to others skilled in the art. Asused herein, an “algorithm” is a self-consistent sequence of operationsor similar processing leading to a desired result. In this context,algorithms and operations involve physical manipulation of physicalquantities. Typically, but not necessarily, such quantities may take theform of electrical, magnetic, or optical signals capable of beingstored, accessed, transferred, combined, compared, or otherwisemanipulated by a machine. It is convenient at times, principally forreasons of common usage, to refer to such signals using words such as“data,” “content,” “bits,” “values,” “elements,” “symbols,”“characters,” “terms,” “numbers,” “numerals,” or the like. These words,however, are merely convenient labels and are to be associated withappropriate physical quantities.

Unless specifically stated otherwise, discussions herein using wordssuch as “processing,” “computing,” “calculating,” “determining,”“presenting,” “displaying,” or the like may refer to actions orprocesses of a machine (e.g., a computer) that manipulates or transformsdata represented as physical (e.g., electronic, magnetic, or optical)quantities within one or more memories (e.g., volatile memory,non-volatile memory, or a combination thereof), registers, or othermachine components that receive, store, transmit, or displayinformation.

As used herein any reference to “one embodiment” or “an embodiment”means that a particular element, feature, structure, or characteristicdescribed in connection with the embodiment is included in at least oneembodiment. The appearances of the phrase “in one embodiment” in variousplaces in the specification are not necessarily all referring to thesame embodiment.

Some embodiments may be described using the expression “coupled” and“connected” along with their derivatives. For example, some embodimentsmay be described using the term “coupled” to indicate that two or moreelements are in direct physical or electrical contact. The term“coupled,” however, may also mean that two or more elements are not indirect contact with each other, but yet still co-operate or interactwith each other. The embodiments are not limited in this context.

As used herein, the terms “comprises,” “comprising,” “includes,”“including,” “has,” “having” or any other variation thereof, areintended to cover a non-exclusive inclusion. For example, a process,method, article, or apparatus that comprises a list of elements is notnecessarily limited to only those elements but may include otherelements not expressly listed or inherent to such process, method,article, or apparatus. Further, unless expressly stated to the contrary,“or” refers to an inclusive or and not to an exclusive or. For example,a condition A or B is satisfied by any one of the following: A is true(or present) and B is false (or not present), A is false (or notpresent) and B is true (or present), and both A and B are true (orpresent).

In addition, use of the “a” or “an” are employed to describe elementsand components of the embodiments herein. This is done merely forconvenience and to give a general sense of the invention. Thisdescription should be read to include one or at least one and thesingular also includes the plural unless it is obvious that it is meantotherwise.

Upon reading this disclosure, those of skill in the art will appreciatestill additional alternative structural and functional designs for asystem and a process for generating search results based on applicationattributes through the disclosed principles herein. Thus, whileparticular embodiments and applications have been illustrated anddescribed, it is to be understood that the disclosed embodiments are notlimited to the precise construction and components disclosed herein.Various modifications, changes and variations, which will be apparent tothose skilled in the art, may be made in the arrangement, operation anddetails of the method and apparatus disclosed herein without departingfrom the spirit and scope defined in the appended claims.

What is claimed is:
 1. A computer-implemented method for performingapplication searches, the method comprising an application search systemperforming the steps of: receiving, from a partner, a search query;retrieving a set of application representations in response to thesearch query; obtaining, from one or more sources, restrictiveinformation regarding one or more security attributes for one or moreapplication representations in the set of application representations;generating a security value for each of the one or more applicationrepresentations in the set of application representations, wherein thesecurity value includes a security attribute value for each of the oneor more security attributes, the security attribute value determined foreach of the one or more security attributes based on the restrictiveinformation regarding the corresponding security attribute; andproviding, for display at a user interface, the set of applicationrepresentations retrieved in response to the search query, wherein eachgenerated security value is displayed in conjunction with thecorresponding application representation in the one or more applicationrepresentations in the set of application representations.
 2. The methodof claim 1, further comprising: ranking the one or more applicationrepresentations in the set of application representations, eachapplication representation ranked based on the determined relevance ofthe application representation to the search query in conjunction withthe application representation's security value.
 3. The method of claim1, further comprising: identifying a subset of applicationrepresentations from the set of application representations, eachapplication representation in the subset of application representationshaving a security value less than a threshold value; and removing, fromthe set of application representations, the subset of applicationrepresentations.
 4. The method of claim 1, further comprising:determining, from the search query, an indication that an applicationrepresentation's security value be used to influence the applicationrepresentation's ranking; and ranking the one or more applicationrepresentations in the set of application representations, eachapplication representation ranked based at least in part on theapplication representation's security value.
 5. The method of claim 1,wherein the one or more sources comprise one or more third-partysources.
 6. The method of claim 1, wherein the restrictive informationcomprises results of a security scan for the one or more applicationrepresentations.
 7. The method of claim 1, wherein the restrictiveinformation comprises user feedback regarding the one or moreapplication representations.
 8. The method of claim 1, wherein thesecurity value for each application representation comprises a weightedsum of the one or more security attribute values for the correspondingapplication representation.
 9. The method of claim 8, wherein theweights in the weighted sum are determined based on the preferences ofthe partner.
 10. The method of claim 1, wherein the security attributevalue comprises a weighted sum of source scores, each source scoredetermined from a source of the one or more sources based on therestrictive information regarding the security attribute.
 11. The methodof claim 10, wherein the source score comprises a weighted sum of one ormore method scores, each method score calculated by a method chosen bythe source.
 12. A computer-implemented method for generating searchindexes to support application search, the method comprising anapplication search system performing the steps of: receiving, from oneor more sources, information for a plurality of applicationrepresentations, the information including restrictive informationregarding a plurality of security attributes for the plurality ofapplications; identifying, from the received information, one or moreapplication representations; extracting one or more security attributesfor the identified one or more application representations based on therestrictive information; and generating one or more search indexes basedon the extracted one or more security attributes for the identified oneor more application representations.
 13. The method of claim 12, furthercomprising: determining a security attribute value for each of theextracted one or more security attributes for the identified one or moreapplication representations based on the restrictive information. 14.The method of claim 13 wherein the step of generating one or more searchindexes comprises: identifying a set of application representations fromthe one or more application representations, each applicationrepresentation in the set of application representations having at leastone security attribute value less than a threshold value for saidsecurity attribute; removing, from the one or more applicationrepresentations, the set of application representations; and generatingone or more search indexes based on the extracted one or more securityattributes for the remaining application representations in the one ormore application representations.
 15. A non-transitory computer-readablestorage medium storing computer program instructions executable toperform steps comprising: receiving, from a partner, a search query;retrieving a set of application representations in response to thesearch query; obtaining, from one or more sources, restrictiveinformation regarding one or more security attributes for one or moreapplication representations in the set of application representations;generating a security value for each of the one or more applicationrepresentations in the set of application representations, wherein thesecurity value includes a security attribute value for each of the oneor more security attributes, the security attribute value determined foreach of the one or more security attributes based on the restrictiveinformation regarding the corresponding security attribute; andproviding, for display at a user interface, the set of applicationrepresentations retrieved in response to the search query, wherein eachgenerated security value is displayed in conjunction with thecorresponding application representation in the one or more applicationrepresentations in the set of application representations.
 16. Acomputer program product for performing application search, the computerprogram product comprising at least one processor; and a non-transitorycomputer-readable storage medium storing computer program instructionsthat when executed cause the at least one processor to: receive, from apartner, a search query; retrieve a set of application representationsin response to the search query; obtain, from one or more sources,restrictive information regarding one or more security attributes forone or more application representations in the set of applicationrepresentations; generate a security value for each of the one or moreapplication representations in the set of application representations,wherein the security value includes a security attribute value for eachof the one or more security attributes, the security attribute valuedetermined based on the restrictive information regarding thecorresponding security attribute; and provide, for display at a userinterface, the set of application representations retrieved in responseto the search query, wherein each generated security value is displayedin conjunction with the corresponding application representation in theone or more application representations in the set of applicationrepresentations.